On Monday, Apple released critical security updates for iPads, Macs and iPhones running older operating systems to fix serious flaws related to WebKit, kernel access, Wi-Fi and sandbox escapes.
The company released a significant series of security updates on May 11, fixing vulnerabilities in current and legacy versions of macOS, iOS, and iPadOS. Versions include macOS Tahoe 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, iOS 18.7.9, iPadOS 18.7.9, iPadOS 17.7.11, iOS 16.7.16, and iOS 15.8.8.
Detailed advisories published by the company describe flaws affecting the kernel, WebKit, Wi-Fi, sandbox protections, privacy systems and file management frameworks. Apple continues to provide security patches for iPhones, iPads and Macs released more than a decade ago, even after those devices lag behind newer operating systems.
Current generation operating systems have received the most significant security patches during the release cycle. For example, macOS Tahoe 26.5 includes fixes for vulnerabilities related to privilege escalation, sandbox escapes, denial of service attacks, Gatekeeper bypasses, arbitrary kernel-level code execution, and exposure of sensitive user data.
iOS 18.7.9 and iPadOS 18.7.9 address a wide range of vulnerabilities affecting the iPhone XS, iPhone XR, and seventh-generation iPad. The updates include fixes for vulnerabilities involving WebKit, Siri, Mail Drafts, App Intents, Wi-Fi, mDNSResponder, LaunchServices and several kernel components.
Apple also fixed vulnerabilities that could allow apps to gain elevated privileges, escape sandbox restrictions, or access protected user information.
None of the advisories identify the patched vulnerabilities as actively exploited in the wild. Apple typically includes explicit warnings when it believes attackers are already using a vulnerability against users, and these notices do not appear in the latest releases.
WebKit and kernel patches dominate the release
WebKit received some of the most important fixes in the latest security releases. The browser engine powers Safari, App Store previews, built-in app browsers, and many web views on iOS and macOS.
Apple has fixed several WebKit vulnerabilities that could bypass Content Security Policy protections, disclose sensitive user information, crash Safari processes, or corrupt memory via malicious web content. The release also contains numerous kernel fixes on macOS, iOS and iPadOS.
These patches address vulnerabilities related to root privilege escalation, kernel memory disclosure, integer overflows, out-of-bounds writes, race conditions, and Gatekeeper bypasses involving malicious disk images or ZIP archives.
Network and wireless systems have received several serious fixes. The updates address a Wi-Fi flaw that allows execution of arbitrary code with kernel privileges via an out-of-bounds write vulnerability and denial of service bugs involving crafted Wi-Fi packets and mDNSResponder network traffic.
Apple also fixed vulnerabilities related to enumeration of installed apps, app privacy report bypasses, IP address tracking, unauthorized access to contacts, screenshot capture via exposure of camera metadata, and several sandbox escape vulnerabilities.
Apple still keeps hardware from 2014 and 2015
Separate servicing updates continue to expand security support for aging hardware. Apple released dedicated versions for iPadOS 17, iOS 16, and iOS 15 instead of ending support once devices fall behind the latest branch of the operating system.
iPadOS 17.7.11 targets the sixth-generation iPad, 10.5-inch iPad Pro, and second-generation 12.9-inch iPad Pro. This release contains a single Notification Services hotfix that addresses an issue where deleted notifications could unexpectedly remain stored on the device.
Older hardware also received updates through iOS 16.7.16 and iPadOS 16.7.16 for devices like the iPhone X and the first-generation 12.9-inch iPad Pro. iOS 15.8.8 and iPadOS 15.8.8 extend support even further to hardware, including iPhone 6s, iPhone 7, first-generation iPhone SE, iPad Air 2, and iPad mini 4.
Both legacy branches address the same Notification Services vulnerability related to retained deleted notifications. Search attribution in reviews also reflects changes in the security industry.
Apple credited researchers from Google Threat Analysis Group, Google Project Zero, Palo Alto Networks, TrendAI Zero Day Initiative and independent security companies for this release. A kernel vulnerability in macOS Tahoe 26.5 has been attributed to Calif.io “in collaboration with Claude and Anthropic Research.”
How users can reduce risk
Most of the patched vulnerabilities affect browser engines, wireless networks, application isolation systems, and low-level components of the operating system. WebKit, Wi-Fi, and kernel vulnerabilities can affect basic operating system protections.
Users should install updates as soon as possible and then restart devices for kernel and network fixes to fully apply. Apple also recommends avoiding untrusted apps, unknown setup profiles, suspicious links, unsecured Wi-Fi networks, and unsolicited file downloads.
Several of the vulnerabilities fixed involve malicious web content, crafted files, privilege escalation, and sandbox escape flaws.
Safari and system browser updates are crucial because WebKit powers much of Apple’s software ecosystem beyond Safari. Users with unsupported devices that do not receive security updates should avoid using them for sensitive tasks such as banking, password management, or storing personal data.
What do you feel about this post?
Like
Love
Happy
Haha
Sad
